Abusing Bitcoin Blockchain for Fun and Profit

Hackers don’t stop at ‘What is it used for?’ but always extend their curiosity to ‘What can it be used for?’, and that’s part of what differentiates the hacker’s mindset from many others. With that in mind, today we will look at the good ol’ blockchain.

Because it’s used for recording transactions, the Bitcoin blockchain has some properties you’re probably familiar with: public accessibility (anyone or anything can read information from the blockchain), decentralization (no authority can change confirmed blocks) and, last but very important, you can write arbitrary data to the blockchain by making transactions! This is what a transaction packet looks like:

The first message ever written to the blockchain was by Satoshi Nakamoto himself:

“The Times 03/Jan/2009 Chancellor on brink of second bailout for banks”.

For example, I love the fact that someone wrote Satoshi Nakamoto’s original whitepaper about the bitcoin network to the blockchain. This transaction wrote the hex values that represent a picture of Nelson Mandela and his quote:

Someone did a cross-site scripting attack demo; although it is now fixed on blockchain.info, it used to work (maker on reddit). This is what he wrote to the blockchain:

<script>window.alert("If this were an actual exploit, your mywallet would be empty.")</script>

There is plenty of other stuff written out there, which is left for you to explore as it’s not the topic of this article. If you want to be a part of the blockchain without messing with the technicalities, use cryptgraffiti.info to add your own text or image to the blockchain.
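Text recovered from transactions is untrusted input for any tool that displays it, as the cross-site scripting demo above shows. The following Python code is an added example, not part of the original post or of any explorer's code: it pulls the data-carrying bytes out of output scripts, keeps them only if they look like ASCII text, and HTML-escapes the result before rendering. It goes slightly beyond the post by also handling OP_RETURN outputs; the function names, the 0.9 threshold and the sample scripts are assumptions constructed for illustration.

```python
import html

OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG, OP_RETURN = 0x76, 0xA9, 0x88, 0xAC, 0x6A

def embedded_bytes(script: bytes) -> bytes:
    """Return the bytes an output script can carry as data, or b'' if not recognised."""
    # P2PKH: OP_DUP OP_HASH160 <push 20> <20 bytes> OP_EQUALVERIFY OP_CHECKSIG
    if (len(script) == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return script[3:23]
    # OP_RETURN followed by a single direct push of 1..75 bytes
    if (len(script) >= 2 and script[0] == OP_RETURN and 1 <= script[1] <= 75
            and len(script) == 2 + script[1]):
        return script[2:]
    return b""

def printable_ratio(data: bytes) -> float:
    """Fraction of bytes that are printable ASCII or common whitespace."""
    if not data:
        return 0.0
    return sum(32 <= b < 127 or b in (9, 10, 13) for b in data) / len(data)

def recover_text(scripts, threshold=0.9):
    """Join the payloads of a transaction's outputs; return text only if it looks like ASCII."""
    payload = b"".join(embedded_bytes(s) for s in scripts).rstrip(b"\x00")
    if printable_ratio(payload) < threshold:
        return None  # ordinary hash160 values look random and end up here
    return payload.decode("ascii", errors="replace")

def render_safe(text: str) -> str:
    """Escape on-chain text before it is placed into an HTML page."""
    return html.escape(text, quote=True)

def sample_p2pkh(field: bytes) -> bytes:
    """Wrap a field of up to 20 bytes in a P2PKH script (constructed test data only)."""
    return (bytes([OP_DUP, OP_HASH160, 20]) + field.ljust(20, b"\x00")
            + bytes([OP_EQUALVERIFY, OP_CHECKSIG]))

# Constructed sample: output scripts whose hash160 fields spell out a message.
SAMPLE_MESSAGE = b'<script>alert("demo")</script> embedded in outputs'
SAMPLE_SCRIPTS = [sample_p2pkh(SAMPLE_MESSAGE[i:i + 20])
                  for i in range(0, len(SAMPLE_MESSAGE), 20)]
ORDINARY_SCRIPT = sample_p2pkh(bytes(range(0x80, 0x94)))  # constructed non-text hash160

if __name__ == "__main__":
    print(render_safe(recover_text(SAMPLE_SCRIPTS)))
    print(recover_text([ORDINARY_SCRIPT]))
```

The same heuristic works as a triage step when reviewing transactions for embedded text, since real public-key hashes almost never pass the printable-ratio check.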

Illegitimate uses of blockchain

Saving encoded data on the blockchain is as old as the blockchain itself, and there have been many cases of using the mentioned properties for malicious purposes (there is a lot of encrypted data written). The fact that no one can take your message down makes it a really tough Command & Control server for malware. Operators could store commands on the blockchain and authorities can’t take them down. One could argue that a Tor hidden service is almost as difficult to take down, but Tor has had its flaws and hidden services have been taken down in the past, which is not true for the bitcoin blockchain.

Furthermore, malware can be nothing more than a program which explores the blockchain to find the encrypted payload, loads it into memory and executes it without it ever touching the disk. This method is very troublesome for anti-virus solutions even with normal C&C servers. I’m not trying to say these are revolutionary ideas with insane benefits, but they have their advantages, with the plus of being innovative and cool af.

I wouldn’t mention this if it wasn’t already publicly available, but the blockchain can be used for storing valuable illegal data such as 0days, stolen credit card data, CP and more. The point is that you can encrypt such data with public keys and hold and sell only the private keys, so you don’t worry about losing such valuable data or getting caught with it. One could argue that it’s no different than having an encrypted hard drive, and that is true for the most part, but it has some subtle benefits. E.g., local authorities could copy a suspect’s encrypted hard drive and wait for a vulnerability in the encryption used (many encryption algorithms in the past have proven to be flawed) or trick you (hack you, beat you) to get the key. On the other hand, with only a transaction hash stored, authorities might never find out what the hash represents. Seemingly, you don’t have any encrypted data, so you’re not suspicious at all, which reminds me of the relation between steganography and cryptography.

Blockchain technology is revolutionizing the world and has huge potential, so it’s expected to be useful to criminals as well. Only time will tell what human creativity will yield in this fast-developing technology.

3 comments

1. Use a free hex editor tool to open the Word file
2. Copy the file in hex format (we can write arbitrary data in hex format)
3. Split it into bitcoin-address-length chunks
4. Send a minor amount to those addresses as one transaction
5. Voila! Well, I didn’t explain step #4, it can be done in 2 ways:

Check the links provided in the article, you can use a web application to write that hex data or do your own diligence and use some github script to learn something and spend the saved money on your favorite poison ;)